MDKSA-2003:034-1

Problem description

Digital Defense Inc. released a paper detailing insecurities in various
terminal emulators, including rxvt. Many of the features supported by
these programs can be abused when untrusted data is displayed on the
screen. This abuse can be anything from garbage data being displayed
to the screen or a system compromise.
Update:
The packages for Mandrake Linux 9.1/PPC were not GPG-signed. This has
been fixed and as a result the md5sums have changed. Thanks to Mark
Lyda for pointing this out.